summaryrefslogtreecommitdiffstats
path: root/share/man/man4/safe.4
diff options
context:
space:
mode:
Diffstat (limited to 'share/man/man4/safe.4')
-rw-r--r--share/man/man4/safe.4129
1 files changed, 129 insertions, 0 deletions
diff --git a/share/man/man4/safe.4 b/share/man/man4/safe.4
new file mode 100644
index 0000000..5cb085f
--- /dev/null
+++ b/share/man/man4/safe.4
@@ -0,0 +1,129 @@
+.\"-
+.\" Copyright (c) 2003 Sam Leffler, Errno Consulting
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"/
+.Dd April 1, 2006
+.Dt SAFE 4
+.Os
+.Sh NAME
+.Nm safe
+.Nd SafeNet crypto accelerator
+.Sh SYNOPSIS
+To compile this driver into the kernel,
+place the following lines in your
+kernel configuration file:
+.Bd -ragged -offset indent
+.Cd "device crypto"
+.Cd "device cryptodev"
+.Cd "device safe"
+.Ed
+.Pp
+Alternatively, to load the driver as a
+module at boot time, place the following line in
+.Xr loader.conf 5 :
+.Bd -literal -offset indent
+safe_load="YES"
+.Ed
+.Pp
+.Nm sysctl Va hw.safe.debug
+.Nm sysctl Va hw.safe.dump
+.Nm sysctl Va hw.safe.rnginterval
+.Nm sysctl Va hw.safe.rngbufsize
+.Nm sysctl Va hw.safe.rngmaxalarm
+.Sh DESCRIPTION
+The
+.Nm
+driver supports cards containing SafeNet crypto accelerator chips.
+.Pp
+The
+.Nm
+driver registers itself to accelerate DES, Triple-DES, AES, MD5-HMAC,
+SHA1-HMAC, and NULL operations for
+.Xr ipsec 4
+and
+.Xr crypto 4 .
+.Pp
+On all models, the driver registers itself to provide random data to the
+.Xr random 4
+subsystem.
+Periodically the driver will poll the hardware RNG and retrieve
+data for use by the system.
+If the driver detects that the hardware RNG is resonating with any local
+signal, it will reset the oscillators that generate random data.
+Three
+.Xr sysctl 8
+settings control this procedure:
+.Va hw.safe.rnginterval
+specifies the time, in seconds, between polling operations,
+.Va hw.safe.rngbufsize
+specifies the number of 32-bit words to retrieve on each poll,
+and
+.Va hw.safe.rngmaxalarm
+specifies the threshold for resetting the oscillators.
+.Pp
+When the driver is compiled with
+.Dv SAFE_DEBUG
+defined, two
+.Xr sysctl 8
+variables are provided for debugging purposes:
+.Va hw.safe.debug
+can be set to a non-zero value to enable debugging messages to be sent
+to the console for each cryptographic operation,
+.Va hw.safe.dump
+is a write-only variable that can be used to force driver state to be sent
+to the console.
+Set this variable to
+.Dq Li ring
+to dump the current state of the descriptor ring,
+to
+.Dq Li dma
+to dump the hardware DMA registers,
+or
+to
+.Dq Li int
+to dump the hardware interrupt registers.
+.Sh HARDWARE
+The
+.Nm
+driver supports cards containing any of the following chips:
+.Bl -tag -width "SafeNet 1141" -offset indent
+.It SafeNet 1141
+The original chipset.
+Supports DES, Triple-DES, AES, MD5, and SHA-1
+symmetric crypto operations, RNG, public key operations, and full IPsec
+packet processing.
+.It SafeNet 1741
+A faster version of the 1141.
+.El
+.Sh SEE ALSO
+.Xr crypt 3 ,
+.Xr crypto 4 ,
+.Xr intro 4 ,
+.Xr ipsec 4 ,
+.Xr random 4 ,
+.Xr crypto 9
+.Sh BUGS
+Public key support is not implemented.
OpenPOWER on IntegriCloud